EDUCAUSE Identity and Access Management Working Group Thursday, October 14, p.m. EDT / 1 p.m. PDT
|
|
- Bruce Butler
- 8 years ago
- Views:
Transcription
1 IAM Online EDUCAUSE Identity and Access Management Working Group Thursday, October 14, p.m. EDT / 1 p.m. PDT IAM Online is brought to you by InCommon, in cooperation with Internet2 and! the EDUCAUSE Identity and Access Management Working Group 1
2 IAM Online EDUCAUSE Identity & Access Management Working Group Update Featuring EDUCAUSE s Implementation of Federated Identity Management IAM ONLINE IS BROUGHT TO YOU BY INCOMMON, IN COOPERATION WITH INTERNET2 AND! THE EDUCAUSE IDENTITY AND ACCESS MANAGEMENT WORKING GROUP" 2
3 EDUCAUSE Identity & Access Management Working Group Initiatives Charge to IAM project teams IAM online sessions in collaboration with InCommon and Internet2 Identified one key deliverable for each project team Met regularly to keep the conversation going List currently has 1,180 subscribers Averaging 65 posts a month Topics range from technical to policy 3
4 Awareness & Advocacy Purpose: Help CIOs and IT leaders understand the strategic importance of IAM for their enterprise Discuss and identify ways to inform/educate CIO s and IT leaders, helping them become mindful of IAM and knowledgeable of key aspects of IAM and effective advocates for it at their institutions Featured Project: IAM communications plan for CIO s Project Description: Toolkit for CIO s as they work to roll out IAM on their campus. IAM Primer (What is it, why it s important, roles/responsibilities, governance) CIO IAM Resource Kit Contact: Matthew Dalton (daltonm@ohio.edu) 4
5 Outreach & Coordination Purpose: Identify and engage one or more key professional communities to advocate, integrate, and facilitate interoperable IAM Featured Project: Association of College & University Auditors Project Description: Add IdM section to ACUA s Risk Dictionary to enable auditors to build IdM-appropriate assessment programs Create & disseminate value proposition materials for IdM, Federated IdM, and InCommon s Identity Assurance program (Silver) Help InCommon align Identity Assurance program with campus assessment practices Contact: Tom Barton (tbarton@uchicago.edu) 5
6 IAM Tools & Effective Practices Purpose: The IAM Tools & Effective Practices Working Group is focused on establishing a set of resources for IAM Architects to use in implementing a cohesive program on their respective campuses. Individual projects and events will support this effort and may focus on the revision of existing documents or processes as well as the creation of new resources or tools. Featured Project: Two efforts (1) Solicit and publish peer input on solutions to current IAM challenges or Hot Topics ; (2) Link to new or existing resources for each topic highlighted. Project Description: Survey IDM listserv (members and recent list threads ) to identify current areas of IAM interest or concern to spotlight during the coming year Develop a web site to present content in an organized and useful way Tag current resources after reviewing for currency and relevancy Contact: Mark Scheible (mark_scheible@ncsu.edu) 6
7 EDUCAUSE S IMPLEMENTATION OF FEDERATED IDM AND INCOMMON Matthew Pasiewicz, Manager of Web Development, EDUCAUSE Craig Hancock, Senior Programmer/Analyst, EDUCAUSE 7
8 VERY APPRECIATIVE We re very grateful for the hard work of Craig Hancock & Mehmet Alkanlar who helped bring our support for InCommon to life. The community has been great and very supportive. Special Thanks To: The University of Chicago Colorado State University The Johns Hopkins University University of Alaska Lafayette College The University of Washington The Ohio State University Brown University
9 BACKGROUND INFORMATION 65 Staff We re smaller than many of your IT departments More than 2,200 member organizations Domestic & International Users Universities, Corporations, Associations, etc. User base of 110,000 + Most logins at point of need Destination site, but high percentage of content is freely available Some content/services password protected (CoreData, ECAR, etc)
10 GETTING STARTED/OBSERVATIONS Better Security & Greater Trust Better Customer Service no password calls/ s streamlined setup Lower Operational Overhead Great Community == Lots of Help InCommon is an organization poised for rapid expansion!
11 EDUCAUSE/INCOMMON STATUS Large majority of site shib enabled since May.EDU Administration is great candidate, but hard More services likely next year
12 TARGETED/PERSISTENT IDS I heart disambiguous identifiers. Reduces confusion by letting SPs know that an EPPN has changed or been reused. More secure/less margin for error/lower TCO
13 EDUCAUSE/INCOMMON STATUS 154 InCommon IdPs Based on Federation Metadata from 10/12/ % Already Setup We re ready for more! 52 IdPs (61 organizations) have used our self service setup system. More than 1,300 users have logged almost 3,000 times. Roughly 500 new-to-educause users created!
14 ALL LOGIN ACTIVITY Almost 40,000 Logins Processed Still a long way to go
15 FEDERATED LOGIN ACTIVITY Almost 3,000 Logins Processed Slow, steady growth with nice jump timed with a E10 registration mailing
16 SUPPORTING TECHNOLOGIES Drupal Shib Auth NIIF (Hungarian Research and Education Network) Modified extensively, but good starting point SWITCHwayf PHP BSD licensed WAYF/DS implementation from Switzerland Shibboleth You don t really need that URL, do ya?
17 LESSONS LEARNED Testing is HARD, but community is great SLO (single log out) remains a tough issue Fingers crossed for metadata expansion No standardized keys for entities IPEDS Unit ID is on our wishlist Some IdPs exposing both SAML 1 and 2 attributes
18 BIG QUESTIONS How to handle the initial (IdP) setup process What do we do with existing users (aka How do we handle the boarding process) How do we handle support issues
19 OPEN QUESTIONS Where should we go next? Enable other services a matter of timing. Pursue other federations/inter-federation support? Should we require login thru institutional IdP? No EDUCAUSE managed user/pass allowed?
20 NEXT STEPS Refine the setup process Continue monitoring use Encourage adoption Monitor risks Expand to other EDUCAUSE services
21 THANK YOU
22 ATTRIBUTE REQUIREMENTS Requested Attributes Optional Attributes ATTRIBUTE OPTION A OPTION B (NameID with Format) persistentid urn:oid: urn:oasis:names:tc:saml: 2.0:nameid-format:persistent ATTRIBUTE SAML 1 SAML 2 nickname urn:mace:dir:attributedef:edupersonscopedaffiliation urn:mace:dir:attributedef:edupersonnickname urn:oid: title urn:mace:dir:attribute-def:title urn:oid: Required Attributes cn urn:mace:dir:attribute-def:cn urn:oid: ATTRIBUTE SAML 1 SAML 2 eppn urn:mace:dir:attributedef:edupersonprincipalname urn:oid: displayname primaryaffiliation urn:mace:dir:attributedef:displayname urn:mace:dir:attributedef:edupersonprimaryaffiliation urn:oid: urn:oid: sn urn:mace:dir:attribute-def:sn urn:oid: givenname urn:oid: mail urn:mace:dir:attribute-def:mail urn:oid: affiliation * urn:mace:dir:attributedef:givenname urn:oid: street urn:mace:dir:attribute-def:street urn:oid: st urn:mace:dir:attribute-def:st urn:oid: l urn:mace:dir:attribute-def:l urn:oid: postalcode urn:mace:dir:attribute-def:postalcode urn:oid: telephonenumber urn:mace:dir:attributedef:telephonenumber urn:oid: Please note, only persons with the Member@ scoped affiliation will be authorized to access the portfiolio of services available to your institution.
23 Call to Action Join Identity Management Discussion Group Website: Volunteer for the Working Group of a Project Team idm@educause.edu For more information, visit Contacts: Chris Duffy (CDuffy@peirce.edu) Valerie Vogel (vvogel@educause.edu) Rodney Petersen (rpetersen@educause.edu) 23
24 Survey Please complete the survey about today s IAM Online: Internet2 Fall Member Meeting Federation track, Middleware track November 1-5, 2010 Atlanta, Georgia events.internet2.edu/2010/fall-mm/ Day CAMP: Getting Started with the InCommon Federation November 4-5, 2010 Atlanta, Georgia Shibboleth Workshop Series Lafayette College (Easton, PA) November 9, 2010 Identity Provider November 10, 2010 Service Provider 24
25 Survey Please complete the survey about today s IAM Online: Next IAM Online November 11, 2010 Federated Provisioning and Google Groups Speakers will describe work on federated provisioning with an emphasis on provisioning groups with Google. Thank you to InCommon Affiliates for helping to make IAM Online possible. Brought to you by InCommon, in cooperation with Internet2! and the EDUCAUSE Identity and Access Management Working Group 25
P U R D U E U N I V E R S I T Y
P U R D U E U N I V E R S I T Y IAMO Shibboleth Attribute Release Memorandum of Understanding Between the designated Purdue University administrative or educational group, called the Client, and the Department
More informationMulti-Factor Authentication: All in This Together
Multi-Factor Authentication: All in This Together Host: Tom Barton, University of Chicago Speakers: IAM Online September 11, 2013 Eric Goodman, University of California Office of the President Mike Grady,
More informationFederated Identity Management and Shibboleth. Noreen Hogan Asst. Director Enterprise Admin. Applications
Federated Identity Management and Shibboleth Noreen Hogan Asst. Director Enterprise Admin. Applications Federated Identity Management Management of digital identity/credentials (username/password) Access
More informationBrought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group.
IAM Online Brought to you by InCommon in cooperation with Internet2 and the EDUCAUSE Identity and Access Management Working Group. IAM Online is a new monthly series delivering interactive education on
More informationNew InCommon Working Groups
New InCommon Working Groups IAM Online August 13, 2014 Steve Carmody, Brown University Paul Caskey, University of Texas System Janemarie Duh, Lafayette College Keith Hazelton, University of Wisconsin Madison
More informationCommIT: Simplifying Admissions Identity Management
CommIT: Simplifying Admissions Identity Management IAM Online August 14, 2013 Speaker: Charlie Leonhardt, Georgetown University Moderator: Rodney Petersen, Senior Government Relations Officer and Managing
More informationGovernance of Identity and Access Management at Institutions of Higher Education Wednesday, October 12, 2011 3 p.m. ET
IAM Online Governance of Identity and Access Management at Institutions of Higher Education Wednesday, October 12, 2011 3 p.m. ET Brendan Bellina, University of Southern California Matthew Dalton, Ohio
More informationImplementing an Effective Identity and Access Management (IAM) Program An Update from the EDUCAUSE IAM Program Project Team
Implementing an Effective Identity and Access Management (IAM) Program An Update from the EDUCAUSE IAM Program Project Team Wednesday, October 10, 2012 3 p.m. ET David Sherry, Brown University Miguel Soldi,
More informationMulti-Factor Authentication, Assurance, and the Multi-Context Broker
Multi-Factor Authentication, Assurance, and the Multi-Context Broker IAM Online April 30, 2014 Keith Wessel, University of Illinois, Urbana-Champaign David Langenberg, University of Chicago David Walker,
More informationUsing Shibboleth for Single Sign- On
Using Shibboleth for Single Sign- On One Logon to Rule them all.. Kirk Yaros Director, Enterprise Services Mott Community College 1 Agenda Overview of Mott Overview of Shibboleth and Mott s Project Review
More informationSecurity Awareness for User Authentication: Passwords and Beyond
IAM Online October 9, 2013 Security Awareness for User Authentication: Passwords and Beyond Host: Rodney Petersen, EDUCAUSE Speakers: Cathy Hubbs, American University Tom Davis, Indiana University Bob
More informationFederated Wikis Andreas Åkre Solberg andreas@uninett.no
Federated Wikis Andreas Åkre Solberg andreas@uninett.no Wikis in the beginning...in the beginning wikis were wide open. Great! - But then the spammers arrived. Password protected wikis Create yet another
More informationFederated Identity: Leveraging Shibboleth to Access On and Off Campus Resources
Federated Identity: Leveraging Shibboleth to Access On and Off Campus Resources Paul Riddle University of Maryland Baltimore County EDUCAUSE Mid-Atlantic Regional Conference January 16, 2008 Copyright
More informationShibboleth Authentication. Information Systems & Computing Identity and Access Management May 23, 2014
Shibboleth Authentication Information Systems & Computing Identity and Access Management May 23, 2014 For every question an answer: Why should I care about SAML? What is a Shibboleth? What is a Federation?
More informationIdentity Management. Manager, Identity Management. Academic Technology Services. Michigan State University Board of Trustees
Identity Management and Shibboleth h at MSU Jim Green Manager, Identity Management Michigan State t University it Academic Technology Services Identity Management Definition: Identity management is the
More informationTRUST AND IDENTITY EXCHANGE TALK
TRUST AND IDENTITY EXCHANGE TALK Ken Klingenstein, Internet2 2015 Internet2 Trust and Identity Why It Matters An Identity Layer for the Internet Benefits for the Rest of the Stack What It Is Technologies
More informationThree Campus Case Studies: Managing Access with Grouper
Three Campus Case Studies: Managing Access with Grouper IAM Online March 13, 2013 Speakers: Paul Donahue and Keith Hazelton, University of Wisconsin-Madison Sébastien Gagné, University of Montreal Rahul
More informationUW System Identity & Access Management (IAM) Recommended Strategic Roadmap
UW System Identity & Access Management (IAM) Recommended Strategic Roadmap Fall 2015 ITMC (Rev 1/11) Our challenge CIOs charged IAM-TAG with recommending an IAM strategy that would: Establish an identity
More informationInCommon Basics and Participating in InCommon
InCommon Basics and Participating in InCommon A Summary of Resources Updated October 25, 2013 Copyright 2011-2013 by Internet2, InCommon and/or the respective authors Table of Contents TABLE OF CONTENTS
More informationShibboleth Configuration from 100,000 Feet, in 15 Minutes or Less! Steve Thorpe Systems Programmer / Analyst MCNC
Shibboleth Configuration from 100,000 Feet, in 15 Minutes or Less! Steve Thorpe Systems Programmer / Analyst MCNC Helpful Skill Sets Include Basic Knowledge Of: Your OS: Linux or Windows Experience using
More informationThree Case Studies in Access Management
Three Case Studies in Access Management IAM Online June 10, 2015-2 pm EDT Andy Morgan, Oregon State University Mandeep Saini, GÉANT Albert Wu, UCLA Moderator: Tom Barton, University of Chicago Fit for
More informationIntegrating Multi-Factor Authentication into Your Campus Identity Management System
Integrating Multi-Factor Authentication into Your Campus Identity Management System Mike Grady, Unicon David Walker, Internet2 (both associated with the Internet2 Scalable Privacy Project) Agenda Multi-Context
More informationGetting Started with Single Sign-On
Getting Started with Single Sign-On I. Introduction Your institution is considering or has already purchased Collaboratory from Treetop Commons, LLC. One benefit provided to member institutions is Single
More informationOvercoming Barriers to Federation and Making IdPs Easier
Overcoming Barriers to Federation and Making IdPs Easier Paul Caskey, Internet2 Janemarie Duh, Lafayette College Chris Phillips, CANARIE David Walker, Internet2 Overview Barriers to Deploying an IdP and
More informationAuthentication Methods
Authentication Methods Overview In addition to the OU Campus-managed authentication system, OU Campus supports LDAP, CAS, and Shibboleth authentication methods. LDAP users can be configured through the
More informationGetting Started with Single Sign-On
Getting Started with Single Sign-On I. Introduction NobleHour sets out to incentivize civic engagement by enabling users within companies, educational institutions, and organizations to conduct and coordinate
More informationLogout Support on SP and Application
Logout Support on SP and application Logout Support on SP and Application Possibilities and and Limitations SWITCHaai Team aai@switch.ch Single Logout: Is it possible? Single Logout will work only in some
More informationFederated Identity for Cloud Computing and Cross-organization Collaboration
Federated Identity for Cloud Computing and Cross-organization Collaboration Steve Moitozo Strategy and Architecture SIL International 20110616.2 (ICCM) Follow me @SteveMoitozo2 2 Huge Claims You want federated
More informationShibboleth User Verification Customer Implementation Guide 2015-03-13 Version 3.5
Shibboleth User Verification Customer Implementation Guide 2015-03-13 Version 3.5 TABLE OF CONTENTS Introduction... 1 Purpose and Target Audience... 1 Commonly Used Terms... 1 Overview of Shibboleth User
More informationMoodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services
Moodle and Office 365 Step-by-Step Guide: Federation using Active Directory Federation Services This document is provided as-is. Information and views expressed in this document, including URL and other
More informationNET+: A Cloud Services Strategy for Research & Educa<on Networks
NET+: A Cloud Services Strategy for Research & Educa
More informationSD Departmental Meeting November 28 th, 2006. Ale de Vries Product Manager ScienceDirect Elsevier
ש בולת SD Departmental Meeting November 28 th, 2006 Ale de Vries Product Manager ScienceDirect Elsevier Shi... whát? : Shibboleth ש בולת [...] "stream, torrent". It derives from a story in the Hebrew Bible,
More informationUSING ESPRESSO [ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON] TO STREAMLINE ACCESS
USING ESPRESSO [ESTABLISHING SUGGESTED PRACTICES REGARDING SINGLE SIGN ON] TO STREAMLINE ACCESS Andy Ingham (UNC-Chapel Hill) NASIG Annual Conference, June 4, 2011 What I hope to cover Problem statement
More informationFederated Identity Management Checklist
Federated Identity Management Checklist This document lists the minimum (marked with an *) and recommended policy, process, and technical steps required to implement Federated Identity Management and operate
More informationGuide to Getting Started with the CommIT Pilot
Guide to Getting Started with the CommIT Pilot Fall 2013 2 Table of Contents What is the CommIT Pilot?... 3 What is the scope for the Pilot?... 3 What is the timeframe for the Pilot?... 5 What are the
More informationAre Passwords Passé?
Are Passwords Passé? Deployment Strategies for Multifactor Authentication IAM Online December 10, 2014 Mike Grady, Scalable Privacy Project David Walker, Scalable Privacy Project Thank you to InCommon
More informationSingle Logout. TF-EMC2 2010 Vienna 17 th February 2010. Kristóf Bajnok NIIF Institute
TF-EMC2 2010 Vienna 17 th February 2010 Kristóf Bajnok NIIF Institute TF-EMC2 2010 Vienna 17 th February 2010 Kristóf Bajnok NIIF Institute Everybody wants to logout... Single sign-on is a powerful toy
More informationFederated Identity Management and Shibboleth: Policy and Technology for Collaboration
Federated Identity Management and Shibboleth: Policy and Technology for Collaboration Marianne Colgrove, Deputy CTO, Reed Joel Cooper, Director of Information Technology Services, Carleton John O Keefe,
More informationDevelopment and deployment of integrated attribute based access control for collaboration
Development and deployment of integrated attribute based access control for collaboration Collaborations and Virtual Organizations IdM is a critical dimension of collaboration, crossing many applications
More informationNebraska ESUCC InCommon K-12 Pilot Summary
Nebraska ESUCC InCommon K-12 Pilot Summary September 14, 2015 Overview Our experience with the Quilt Internet2 InCommon Federation s K 12 pilot program has been incredibly valuable for the knowledge our
More informationInCommon Affiliates Webinar Three Case Studies with Unicon September 18, 2013
InCommon Affiliates Webinar Three Case Studies with Unicon September 18, 2013 John O Keefe, VP IT & CIO, Lafayette College Keith Hazelton, Senior IT Architect, University of Wisconsin-Madison Tim Calhoon,
More informationCustomizing ShopWindow Client Software - Bespoke Functionality -
Customizing ShopWindow Client Software - Bespoke Functionality - Contents INTRODUCTION... 3 ELEMENTS OF CLIENT SOFTWARE... 4 ELEMENTS... 4 HOT PICKS... 6 INTEGRATING AN ELEMENT... 7 CONSTANTS.INC.PHP FILE...
More informationFederation At Fermilab. Al Lilianstrom National Laboratories Information Technology Summit May 2015
Federation At Fermilab Al Lilianstrom National Laboratories Information Technology Summit May 2015 About Fermilab Since 1967, Fermilab has worked to answer fundamental questions and enhance our understanding
More informationSingle Sign-On for the UQ Web
Single Sign-On for the UQ Web David Gwynne Infrastructure Architect, ITIG, EAIT Taxonomy Authentication - Verification that someone is who they claim to be - ie, only the relevant user
More informationMulti-factor Authentication Considerations for InCommon Silver. Mary Dunker Virginia Tech dunker@vt.edu InCommon Confab April 26, 2012
Multi-factor Authentication Considerations for InCommon Silver Mary Dunker Virginia Tech dunker@vt.edu InCommon Confab April 26, 2012 Disclaimer All opinions expressed in this presentation are strictly
More informationBusiness and Process Requirements Business Requirements mapped to downstream Process Requirements. IAM UC Davis
Business and Process Requirements Business Requirements mapped to downstream Process Requirements IAM UC Davis IAM-REQ-1 Authorization Capabilities The system shall enable authorization capabilities that
More informationMigrating application users and passwords with Password Manager
Migrating application users and passwords with Password Manager 2015 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Migrating Users 1 3 Initializing Passwords 2 4 Maintaining
More informationShibboleth N-Tier Support. Chad La Joie chad.lajoie@switch.ch
Shibboleth N-Tier Support Chad La Joie chad.lajoie@switch.ch Agenda Use Case Terminology Shibboleth Solution Future Effort Resources 2 Use Case Current use case comes from University of Chicago University
More informationT0 Federation Scaling through self service. September, Heath Marks, Manager AAF.
T0 Federation Scaling through self service September, Heath Marks, Manager AAF. Big responsibility, small footprint The value of the AAF is a shared service for Australian Research and Education We allow
More informationIntegration of Shibboleth and (Web) Applications
workshop Integration of Shibboleth and (Web) Applications MPG-AAI Workshop Clarin Centers Prague 2009 2009-11-06 (Web) Application Protection Models Classical Application behind Shibboleth Standard Session
More informationConfiguring SAML2 for Single Sign On to Smartsheet (Enterprise Only)
Configuring SAML2 for Single Sign On to Smartsheet (Enterprise Only) This document is intended for technical professionals who are familiar with SAML and have access to the Identity Provider that will
More informationAAI for Mobile Apps How mobile Apps can use SAML Authentication and Attributes. Lukas Hämmerle lukas.haemmerle@switch.ch
AAI for Mobile Apps How mobile Apps can use SAML Authentication and Attributes Lukas Hämmerle lukas.haemmerle@switch.ch Berne, 13. August 2014 Introduction App by University of St. Gallen Universities
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: RESEARCH RESEARCH LTD. 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources
More informationFederated Identity Management. Willem Elbers (MPI-TLA) EUDAT training
Federated Identity Management Willem Elbers (MPI-TLA) EUDAT training Date: 26 June 2012 Outline FIM and introduction to components Federation and metadata National Identity federations and inter federations
More informationFederated Identity Management at NIH NIH Login and Beyond. Debbie Bucci October 2009
Federated Identity Management at NIH NIH Login and Beyond Debbie Bucci October 2009 About NIH National Institutes of Health (NIH) Part of the U.S. Dept. of Health & Human Services Primary Federal agency
More informationOctober 4, 2012 Dedra Chamberlin, Celeste Copeland, Keith Hazelton. CIFER and Friends Thursday, Oct. 4, 10:30 11:45 am Philadelphia North
October 4, 2012 Dedra Chamberlin, Celeste Copeland, Keith Hazelton CIFER and Friends Thursday, Oct. 4, 10:30 11:45 am Philadelphia North Community Identity Framework for Education and Research (CIFER)
More informationGlobus Auth. Steve Tuecke. The University of Chicago
Globus Auth Enabling an extensible, integrated ecosystem of services and applications for the research and education community. Steve Tuecke The University of Chicago Cloud has transformed how platforms
More informationThree Case Studies InCommon Certificate Service
Three Case Studies InCommon Certificate Service IAM Online July 8, 2015-2 pm EDT Jim Basney, National Center for Supercomputing Applications (and XSEDE) Christopher Bongaarts, University of Minnesota Kevin
More informationIntroducing Shibboleth
workshop Introducing Shibboleth MPG-AAI Workshop Clarin Centers Prague 2009 2009-11-06 MPG-AAI MPG-AAI a MPG-wide Authentication & Authorization Infrastructure for access control to web-based resources
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationLogout in Single Sign-on Systems
Logout in Single Sign-on Systems Sanna Suoranta, Asko Tontti, Joonas Ruuskanen, Tuomas Aura IFIP IDMAN, London, UK, 8-9.4.2013 Logout in Single Sign-on Systems Motivation Single sign-on (SSO) systems SSO
More informationAuth0 SSO Drives B2B Expansion
Auth0 SSO Drives B2B Expansion An Auth0 Customer Case Study auth0.com Setting up our application to integrate with one partner and then having that partner act as a service hub for dozens of identity systems
More informationInCommon Bronze Self-Certification September 26, 2014
September 26, 2014 This document contains the compliance assertions of Harvard University regarding InCommon Assurance Profile 1.2. Name of organization: Harvard University Name of contact: Scott Bradner
More informationProvisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1
Item Count Provisioning/Deprovisioning Automated Deprovisioning 1 Automated on/off boarding from an authoritative source AUTOMATED [DE-]PROVISIONING 1 Removal of resources at the appropriate time 1 Timeliness
More informationSocial Media Single Sign-On: Could You Be Sharing More than Your Password?
Social Media Single Sign-On: Could You Be Sharing More than Your Password? SESSION ID: HUM-W03B 2/26/14 (Wednesday) 11:20 AM - West 3005 Tom R. Smith VP, Business Dev & Strategy, CloudEntr www.cloudentr.com
More informationDemystifying Privilege and Access Management Strategies for Local, Federated, and Cloud Environments
Demystifying Privilege and Access Management Strategies for Local, Federated, and Cloud Environments Wednesday, August 8, 2012 3 p.m. ET Chris Phillips, Technical Architect, Canadian Access Federation
More informationFederated Identity Management
Federated Identity Management AKA, Identity Federation or just Federation Siju Mammen SANReN 28th March 2013 Table of contents What is Federation? Main Actors in the Federation game Research and Education
More informationMACE-Dir SAML Attribute Profiles
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 MACE-Dir SAML Attribute Profiles April 2008 Document identifier: internet2-mace-dir-saml-attributes-200804a Location: http://middleware.internet2.edu/dir Editors:
More informationWhat is TIER? Trust and Identity in Education and Research
MELISSA WOO, U OF OREGON, ANN WEST, INTERNET2 WHAT IS TIER? WEBINAR MARCH 4, 2015 What is TIER? Trust and Identity in Education and Research What is TIER all about? -- The Environmental Context Federated
More informationCloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper
Cloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper TABLE OF CONTENTS INTRODUCTION... 3 Where we came from... 3 The User s Dilemma with the Cloud... 4 The Administrator
More informationIDENTITY MANAGEMENT ROLLOUT: IN A HURRY. Jason Blackader, UNIX Systems Administrator
IDENTITY MANAGEMENT ROLLOUT: IN A HURRY Jason Blackader, UNIX Systems Administrator Undergraduate, Graduate, Continuing Ed Industrial Design, Communication Design, Design Sciences, Arts & Media Two Campuses
More informationWIRELESS TRAINING SOLUTIONS. by vlogic, Inc. L a b 0.2 Access to Content Management System
WIRELESS TRAINING SOLUTIONS by vlogic, Inc L a b 0.2 Access to Content Management System WIRELESS TRAINING SOLUTIONS Hands-on Workshop and Lab Guide Table of Contents Accessing the Wireless Training Solutions
More informationSingle Sign-on. Overview. Using SSO with the Cisco WebEx and Cisco WebEx Meeting. Overview, page 1
Overview, page 1 Using SSO with the Cisco WebEx and Cisco WebEx Meeting Applications, page 1 Requirements, page 2 Configuration of in Cisco WebEx Messenger Administration Tool, page 3 Sample Installation
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationKeeping access control while moving to the cloud. Presented by Zdenek Nejedly Computing & Communications Services University of Guelph
Keeping access control while moving to the cloud Presented by Zdenek Nejedly Computing & Communications Services University of Guelph 1 Keeping access control while moving to the cloud Presented by Zdenek
More informationInCommon Partnership Models and Trust Fabrics. Mark Johnson Mark Scheible Ann West John Krienke David Walker
InCommon Partnership Models and Trust Fabrics Mark Johnson Mark Scheible Ann West John Krienke David Walker Overview and Motivation Accelerate development of a business model that supports CAIs MCNC offered
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSAML Single-Sign-On (SSO)
C O L A B O R A T I V E I N N O V A T I O N M A N A G E M E N T Complete Feature Guide SAML Single-Sign-On (SSO) 1. Features This feature allows administrators to setup Single Sign-on (SSO) integration
More informationWeb Application Access
This guide provides information on: Establishing a WAM account for those individuals who do not have an EPA LAN account Logging on to Web Application Access (WAA) Viewing and entering your communities
More informationUniversity of Wisconsin - Platteville UNIVERSITY WIDE INFORMATION TECHNOLOGY STRATEGIC PLAN 2014
University of Wisconsin - Platteville UNIVERSITY WIDE INFORMATION TECHNOLOGY STRATEGIC PLAN 2014 Strategic PRIORITIES 1 UNIVERSITY WIDE IT STRATEGIC PLAN ITS is a trusted partner with the University of
More informationAAA for IMOS: Australian Access Federation & related components
AAA for IMOS: Australian Access Federation & related components James Dalziel Professor of Learning Technology, and Director, Macquarie E-Learning Centre Of Excellence (MELCOE) Macquarie University james@melcoe.mq.edu.au
More informationAuthentication Credentials Complexity Standard
Authentication Credentials Complexity Standard Table of Contents Revisions... 2 Overview... 3 Risk Levels... 3 Risk Level 1... 3 Risk Level 2... 3 Risk Level 3... 3 Risk Level 4... 3 Standards for Credentials
More informationSingle Sign On: Volunteer User Guide
Single Sign On: Volunteer User Guide V3.0 Document Owner: Pathways Project Issue Date: 11-Jun-15 Purpose of the Document The Single Sign On (SSO) User Guide has been developed to provide users with instructions
More informationРазработка программного обеспечения промежуточного слоя. TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet
Разработка программного обеспечения промежуточного слоя TERENA BASNET Workshop, 16-17 November 2009 Joost van Dijk - SURFnet Contents - SURFnet Middleware Services department: - eduroam, SURFfederatie,
More informationFederating with Web Applications
Federating with Web Applications Janusz Ulawski HEAnet Ltd November 11, 2010 Agenda 1 Providing access to your WebApp 2 Federated Access Software with SAML 2.0 support 3 Federating your WebApp Shibboleth
More informationOffice of the Chief Information Officer Department of Energy Identity, Credential, and Access Management (ICAM)
Department of Energy Identity, Credential, and Access Management (ICAM) Cyber Security Training Conference Tuesday, May 18, 2010 1 Announcement LACS Birds-of-a-Feather Session Logistics Wednesday, May
More informationShibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de
Shibboleth Identity Provider (IdP) Sebastian Rieger sebastian.rieger@gwdg.de Gesellschaft für wissenschaftliche Datenverarbeitung mbh Göttingen, Germany CLARIN AAI Hands On Workshop, 25.02.2009, Oxford
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES 1. Federation Participant Information 1.1 The InCommon Participant Operational Practices information below is for: InCommon Participant organization
More informationCal Racey Caleb.Racey@ncl.ac.uk
Identity Management: Services, Tools and Processes Cal Racey Caleb.Racey@ncl.ac.uk Context: Who I am Cal Racey System Architecture Manager: 9 years experience of Middleware application provision Particular
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationActive Directory Sync (AD) How to Setup
Active Directory Sync (AD) How to Setup 1 P a g e Contents How to Setup Active Directory Sync... 3 Download your AD Script... 3 Configuration... 5 Active Directory Sync F.A.Q... 6 2 P a g e How to Setup
More informationCAS s IDP system and resources in Education Cloud
CAS s IDP system and resources in Education Cloud DAREN ZHA CANS2015, Chengdu Outline CAS s IDP system and Education Cloud introduction Problems of interoperation A interoperation plan CAS s Education
More informationActive Directory Account Provisioning (ADAP)
SUNGARD SUMMIT 2007 sungardsummit.com 1 Active Directory Account Provisioning (ADAP) Presented by: Tom Chamberlin SunGardHE March 22, 2007 A Community of Learning Introduction Developed by SunGard Integration
More informationIdentity Management Systems for Collaborations and Virtual Organizations
Identity Management Systems for Collaborations and Virtual Organizations Topics Update on Internet identity IdM Systems for Virtual Organizations Goals Early Implementations Issues and Discussions Update
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationThis chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:
CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access
More informationFeide Technical Guide. Technical details for integrating a service into Feide
Feide Technical Guide Technical details for integrating a service into Feide May 2015 Document History Version Date Initials Comments 1.0 Nov 2009 TG First issue 1.2 Nov 2009 TG Added SLO description 1.3
More informationAuthentication Integration
Authentication Integration VoiceThread provides multiple authentication frameworks allowing your organization to choose the optimal method to implement. This document details the various available authentication
More informationEgnyte Single Sign-On (SSO) Installation for OneLogin
Egnyte Single Sign-On (SSO) Installation for OneLogin To set up Egnyte so employees can log in using SSO, follow the steps below to configure OneLogin and Egnyte to work with each other. 1. Set up OneLogin
More informationSP-initiated SSO for Smartsheet is automatically enabled when the SAML feature is activated.
Chapter 87 Configuring Smartsheet The following is an overview of the steps required to configure the Smartsheet Web application for single sign-on (SSO) via SAML. Smartsheet offers both IdP-initiated
More information